ioc[.]one - OSINT Cyber Threat Intelligence Database

Qakbot Campaign Delivered Black Basta Ransomware

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Regsvr32 - T1218.010 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Regsvr32 - T1117

Show in Graph

Common Information

Type	Value
UUID	3981804a-41b3-484f-b6ff-40c487bacb5e
Fingerprint	e9f01cbc375c1edf
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 29, 2023, midnight
Added to db	Oct. 24, 2023, 1:14 p.m.
Last updated	Sept. 3, 2024, 3:33 a.m.
Headline	Qakbot Campaign Delivered Black Basta Ransomware
Title	Qakbot Campaign Delivered Black Basta Ransomware
Detected Hints/Tags/Attributes	69/2/24

Source URLs

	Redirection	Url
Details	Source	https://www.secureworks.com/blog/qakbot-campaign-delivered-black-basta-ransomware

URL Provider

Details	Provider	Source level domain
Details	secureworks.com	www.secureworks.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	x6.zip
Details	Domain	1	davalex-ng.com
Details	Domain	1	samiford.com
Details	Domain	1	jagiwicure.com
Details	Domain	1	jibebukuki.com
Details	File	1	x6.zip
Details	File	3	ww.js
Details	File	1	msrcl.exe
Details	File	1	cob_56.dll
Details	md5	1	4d4afa8b53727c555e42f968b1c9aac3
Details	md5	1	5af8bc9faf9fc0624180ca3d01579534
Details	md5	1	26814c6f3dd138baa80fe2976204bd6d
Details	md5	1	2772199d2a9e5f1394769efebe385c92
Details	md5	1	507d8c2edb4500f479f31320aeae9940
Details	md5	1	d893a91a87cde424c90e699420f5c223
Details	md5	1	f9ff6bac08394cce4b892bc5875e3970
Details	md5	1	bcdfaa83f3d7613b7f55968b410e85d7
Details	md5	1	3faef85636d1a6c20453e714693f0957
Details	md5	1	fcfcf1e45e8d5cdca0450b8dc90754b6
Details	md5	1	538078ab6d80d7cf889af3e08f62c4e8
Details	md5	1	3358596f31ac8ae8fbc6326839a6bfe5
Details	IPv4	1	146.70.86.61
Details	IPv4	1	159.223.144.162
Details	IPv4	1	138.68.169.162